Description
brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. that can result in Exposes the user to man-in-the-middle attacks.
Remediation
References
https://github.com/brianleroux/tiny-json-http/pull/15
Related Vulnerabilities
CVE-2022-40955 Vulnerability in maven package org.apache.inlong:sort-connector-mysql-cdc
CVE-2018-1000180 Vulnerability in maven package org.bouncycastle:bcprov-jdk15on
CVE-2019-14862 Vulnerability in maven package org.webjars:knockout
CVE-2022-23623 Vulnerability in npm package frourio
CVE-2016-10524 Vulnerability in npm package i18n-node-angular